EasyManua.ls Logo

Axis C6110 - Page 30

Axis C6110
51 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
AXISC6110NetworkPagingConsole
Thewebinterface
Addcerticate:Clicktoaddacerticate.
More:Showmoreeldstollinorselect.
Securekeystore:SelecttouseSecureelementorTrustedPlatformModule2.0tosecurelystoretheprivatekey.For
moreinformationonwhichsecurekeystoretoselect,gotohelp.axis.com/en-us/axis-os#cryptographic-support.
Keytype:Selectthedefaultoradifferentencryptionalgorithmfromthedrop-downlisttoprotectthecerticate.
Thecontextmenucontains:
Certicateinformation:Viewaninstalledcerticate’sproperties.
Deletecerticate:Deletethecerticate.
Createcerticatesigningrequest:Createacerticatesigningrequesttosendtoaregistrationauthoritytoapply
foradigitalidentitycerticate.
Securekeystore
:
Secureelement(CCEAL6+):Selecttousesecureelementforsecurekeystore.
TrustedPlatformModule2.0(CCEAL4+,FIPS140-2Level2):SelecttouseTPM2.0forsecurekeystore.
Networkaccesscontrolandencryption
IEEE802.1x
IEEE802.1xisanIEEEstandardforport-basednetworkadmissioncontrolprovidingsecureauthenticationofwiredandwireless
networkdevices.IEEE802.1xisbasedonEAP(ExtensibleAuthenticationProtocol).
ToaccessanetworkprotectedbyIEEE802.1x,networkdevicesmustauthenticatethemselves.Theauthenticationisperformedby
anauthenticationserver,typicallyaRADIUSserver(forexample,FreeRADIUSandMicrosoftInternetAuthenticationServer).
IEEE802.1AEMACsec
IEEE802.1AEMACsecisanIEEEstandardformediaaccesscontrol(MAC)securitythatdenesconnectionlessdatacondentiality
andintegrityformediaaccessindependentprotocols.
Certicates
WhenconguredwithoutaCAcerticate,servercerticatevalidationisdisabledandthedevicetriestoauthenticateitself
regardlessofwhatnetworkitisconnectedto.
Whenusingacerticate,inAxis'implementation,thedeviceandtheauthenticationserverauthenticatethemselveswithdigital
certicatesusingEAP-TLS(ExtensibleAuthenticationProtocol-TransportLayerSecurity).
Toallowthedevicetoaccessanetworkprotectedthroughcerticates,youmustinstallasignedclientcerticateonthedevice.
Authenticationmethod:SelectanEAPtypeusedforauthentication.
Clientcerticate:SelectaclientcerticatetouseIEEE802.1x.Theauthenticationserverusesthecerticatetovalidatethe
client’sidentity.
CAcerticates:SelectCAcerticatestovalidatetheauthenticationserver’sidentity.Whennocerticateisselected,thedevice
triestoauthenticateitselfregardlessofwhatnetworkitisconnectedto.
EAPidentity:Entertheuseridentityassociatedwiththeclientcerticate.
EAPOLversion:SelecttheEAPOLversionthatisusedinthenetworkswitch.
UseIEEE802.1x:SelecttousetheIEEE802.1xprotocol.
ThesesettingsareonlyavailableifyouuseIEEE802.1xPEAP-MSCHAPv2astheauthenticationmethod:
Password:Enterthepasswordforyouruseridentity.
30

Table of Contents

Related product manuals